Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Upcoming SlideShare
2010 IBM Global CEO Study Capitalizing on Complexity
Next

0

Share

Privacy & Security Challenges Faced By Financial Services In The Digital Age

Outlines the regulatory, privacy and security risks faced by FinTech companies and Financial Services firms if their digital strategy is not thought through.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

Privacy & Security Challenges Faced By Financial Services In The Digital Age

  1. 1. Page § 1Confidential YOUR LOGO Security & Privacy Challenges Faced By Financial Services Firms In The Digital Age Kalpesh Desai CEO Agile Financial Technologies info@agile-ft.com
  2. 2. Page § 2Confidential The “Millenials” have changed all the questions § The success of your digital strategy will depend on millenials warming up to the same § Millenials only wish to interface digitally § Financial services firms are being forced to focus on user experience and turn their IT systems around § Traditional systems were designed for workflow, assuming that customers were willing to wait for a response § The digital customer wants information and service on-demand (mobile devices and the web)
  3. 3. Page § 3Confidential Digital Technology Has Changed The Way We Do Business Financial firms desire to create "insight based" customer experiences Need to leverage "The digital channel” Need to evolve the role of agents in the digital age Work with Aggregators and Disrupters (P2P) Identify and work directly with Ecosystems Embrace "Internet of Things" into their business model
  4. 4. Page § 4Confidential Digital Technology Disruption Across Financial Services
  5. 5. Page § 5Confidential Bottlenecks § Technology deficit is glaring as financial firms rush to jump onto the bandwagon without thinking through security and privacy challenges § Big data required for insight based customer experiences, provides big security and privacy challenges § Regulators are also evolving and as business models go cross- border across ecosystems, there may be one or more regulator involved. FinTech companies need a full time compliance officer!
  6. 6. Page § 6Confidential Risks, Threats & Challenges § Privacy & Customer Information Ownership - Financial services sector maintains sensitive information about individuals and enterprises - As penetration of online and mobile services increase, more data is available in digital format – easier to analyze but susceptible to security breaches - This data eventually is ubiquitous - Interaction with ecosystems and aggregators crosses regulatory boundaries and a very, very thin line in terms of how sensitive personal, financial and health information would be provided to third parties in a secure manner. - When data is shared, data ownership must be firmly established because this can violate your consent agreements with customers - Data labeling, selective data sharing and identity/privacy-aware data sharing will become the need of the hour. - Privacy aware data sharing is complex and requires rework and tagging on already voluminous data
  7. 7. Page § 7Confidential Risks, Threats & Challenges § Digital Identity Theft - Major challenge as integrated, omnichannel experiences are being demanded by customers - To extend fintech services in a seamless fashion, reliance on conventional authentication mechanisms such as passwords and PINs have reduced, leading way to: - Devices (mobile phones) equipped with biometric sensors - OTP (one time passwords) - Code generating apps (Google Authenticator) - Potential to clone these identities lead to amplified risks - Adaptive authentication or risk-based authentication potentially analyzes user behavior. Granting access on this basis could lead to misuse of digital identities - API’s and interfacing systems communicate with multiple enterprise apps and allow seamless sharing of data. Opens up threats to cross-platform malware - There is a serious technology and security architecture deficit amongst most financial institutions that could enable them fight the threat - FinTech startups, though innovative, are just as good as their software coding practices
  8. 8. Page § 8Confidential Risks, Threats & Challenges § Risk of regulatory non-compliance - Compliance with KYC, anti-money laundering norms and regulatory enforced blacklists - Ability to report suspicious activity across ubiquitous systems - Compliance with data protection laws § Regulators take privacy policies very seriously - Thin line between trying to gain customer insight and infringing on privacy - In some cases, completely against regulation - Online payment processing company, Dwolla, was fined USD 100K for purporting that its transactions were “safe” and “secure,” that its information was “securely encrypted,” and that it was compliant with up-to-date data security standards. They were investigated by Consumer Financial Protection Bureau (CFPB) and taken to task in March 2016 § Risk of cyber-attacks - “There are only two types of companies: those that are already hacked and those that will be” ~ Robert Mueller, FBI Director
  9. 9. Page § 9Confidential Key Considerations § In the absence of a single regulator and the ubiquitous nature of FinTech services, ignorance of statutory & regulatory laws is inexcusable. § Control access to data with systems, policies and procedures § Implement audit and forensic capabilities to comply with regulatory, statutory or law enforcement audit requirements § Dispose of data you no longer need – reduce potential liabilities in the event of a security breach § Treat customers and consumers consistently with promises (Online Privacy Policy) and in line with regulatory norms
  10. 10. Page § 10Confidential Key Considerations § Proactively disclose breaches § Focus on risk assessment and adopting security controls § Implement strict policies on allowing confidential data to be stored outside your firewall § Take steps to reduce threats against targeted eavesdropping, man- in-the-middle attacks, cross-platform malware § Be cautious about the public cloud, a favorite target of data thieves.
  11. 11. Page § 11Confidential For more information, write to: info@agile-ft.com Visit us on: www.agile-ft.com U.S.A. Ÿ Mauritius Ÿ U.A.E. Ÿ India Ÿ Singapore

Outlines the regulatory, privacy and security risks faced by FinTech companies and Financial Services firms if their digital strategy is not thought through.

Views

Total views

529

On Slideshare

0

From embeds

0

Number of embeds

16

Actions

Downloads

0

Shares

0

Comments

0

Likes

0

×